RTF – Page 2 – Computer Security Articles

Credit to Author: Aniruddha Dolas| Date: Wed, 06 Dec 2017 09:27:30 +0000

For the past few years, we have been seeing macro-based attacks through Object Linking Embedding (OLE)/Microsoft Office files. But, presently, attackers are using a different technique to spread malware through Office files – using a new attack vector called ‘Dynamic Data Exchange (DDE)’. DDE is an authorized Microsoft Office feature that provides several methods for transferring data between applications. Once the communication protocol is established, it doesn’t require user interactions…

QuickHeal Security

April 14, 2017 admin

CVE-2017-0199 – Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API

Credit to Author: Pradeep Kulkarni| Date: Fri, 14 Apr 2017 09:52:28 +0000

The newly discovered zero-day vulnerability (CVE-2017-0199) in Microsoft Office/WordPad is being actively exploited in the wild. Almost all Microsoft Office versions are affected with this bug. To fix this vulnerability, Microsoft released a security update on April 11, 2017. Vulnerable Versions According to Microsoft, the following are the affected products…

The post CVE-2017-0199 – Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API appeared first on Quick Heal Technologies Security Blog | Latest computer security news, tips, and advice.